From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Florian Klink <flokli@flokli.de>, wireguard@lists.zx2c4.com
Subject: Re: [PATCH] tools: add wireguard@.service
Date: Fri, 26 May 2017 11:30:26 -0400 [thread overview]
Message-ID: <87wp93octp.fsf@fifthhorseman.net> (raw)
In-Reply-To: <20170526084423.31088-1-flokli@flokli.de>
[-- Attachment #1: Type: text/plain, Size: 1581 bytes --]
Hi Florian--
On Fri 2017-05-26 10:44:23 +0200, Florian Klink wrote:
> If you simply want to create wireguard interfaces and configure them,
> wg-quick might be too much, as it also configures Addresses, MTU and
> adds routes. This unit file can be used in cases where you want to use
> wg(8) to configure the wireguard interface, but do regular network
> configuration on top of the link by something else (possibly not knowing
> wireguard, like systemd-networkd or NetworkManager.
I like this suggestion, but i see it as a stopgap until there is real
integration with systemd-networkd -- this would ideally be a .network
unit just like every other network interface, right?
A couple thoughts on the .service file:
> diff --git a/src/tools/wireguard@.service b/src/tools/wireguard@.service
> new file mode 100644
> index 0000000..b6d53bf
> --- /dev/null
> +++ b/src/tools/wireguard@.service
> @@ -0,0 +1,19 @@
> +[Unit]
> +Description=WireGuard via wg(8) for %I
> +After=network-online.target
> +Wants=network-online.target
This implies that the network is online *before* the interface comes up.
That means that other tools which depend on the wireguard link being
established can no longer depend on network-online.target, right?
> +Documentation=man:wg(8)
> +Documentation=https://www.wireguard.io/
> +Documentation=https://www.wireguard.io/quickstart/
> +Documentation=https://git.zx2c4.com/WireGuard/about/src/tools/wg.8
I think given the use of the conf file, the [Unit] section should also
have:
ConditionFileNotEmpty=/etc/wireguard/%i.conf
Regards,
--dkg
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 832 bytes --]
next prev parent reply other threads:[~2017-05-26 15:20 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-26 8:44 Florian Klink
2017-05-26 15:30 ` Daniel Kahn Gillmor [this message]
2017-05-26 17:01 ` Florian Klink
2017-05-26 21:09 ` Jörg Thalheim
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87wp93octp.fsf@fifthhorseman.net \
--to=dkg@fifthhorseman.net \
--cc=flokli@flokli.de \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).